oauth2: always delete the temp document on a POST (#22717)
This commit is contained in:
parent
114e474d4c
commit
d5608c7478
|
@ -204,13 +204,15 @@ class OAuth2AuthorizePutView(TemplateView):
|
|||
|
||||
def post(self, request, *args, **kwargs):
|
||||
oauth2_document = OAuth2TempFile.objects.get(pk=kwargs['pk'])
|
||||
if 'cancel' in request.POST:
|
||||
error = urllib.urlencode({'error': 'access_denied'})
|
||||
oauth2_document.delete()
|
||||
uri = request.session['redirect_uri'] + '?' + error
|
||||
return HttpResponseRedirect(uri)
|
||||
try:
|
||||
if 'cancel' in request.POST:
|
||||
error = urllib.urlencode({'error': 'access_denied'})
|
||||
uri = request.session['redirect_uri'] + '?' + error
|
||||
return HttpResponseRedirect(uri)
|
||||
|
||||
UserDocument.objects.create(
|
||||
user=request.user, document=oauth2_document.document,
|
||||
filename=oauth2_document.filename)
|
||||
return HttpResponseRedirect(request.session['redirect_uri'])
|
||||
UserDocument.objects.create(
|
||||
user=request.user, document=oauth2_document.document,
|
||||
filename=oauth2_document.filename)
|
||||
return HttpResponseRedirect(request.session['redirect_uri'])
|
||||
finally:
|
||||
oauth2_document.delete()
|
||||
|
|
Loading…
Reference in New Issue